xref: /aosp_15_r20/external/libchrome/crypto/nss_key_util.h (revision 635a864187cb8b6c713ff48b7e790a6b21769273) 
1*635a8641SAndroid Build Coastguard Worker // Copyright 2015 The Chromium Authors. All rights reserved.
2*635a8641SAndroid Build Coastguard Worker // Use of this source code is governed by a BSD-style license that can be
3*635a8641SAndroid Build Coastguard Worker // found in the LICENSE file.
4*635a8641SAndroid Build Coastguard Worker 
5*635a8641SAndroid Build Coastguard Worker #ifndef CRYPTO_NSS_KEY_UTIL_H_
6*635a8641SAndroid Build Coastguard Worker #define CRYPTO_NSS_KEY_UTIL_H_
7*635a8641SAndroid Build Coastguard Worker 
8*635a8641SAndroid Build Coastguard Worker #include <stdint.h>
9*635a8641SAndroid Build Coastguard Worker 
10*635a8641SAndroid Build Coastguard Worker #include <vector>
11*635a8641SAndroid Build Coastguard Worker 
12*635a8641SAndroid Build Coastguard Worker #include "build/build_config.h"
13*635a8641SAndroid Build Coastguard Worker #include "crypto/crypto_export.h"
14*635a8641SAndroid Build Coastguard Worker #include "crypto/scoped_nss_types.h"
15*635a8641SAndroid Build Coastguard Worker 
16*635a8641SAndroid Build Coastguard Worker typedef struct PK11SlotInfoStr PK11SlotInfo;
17*635a8641SAndroid Build Coastguard Worker 
18*635a8641SAndroid Build Coastguard Worker namespace crypto {
19*635a8641SAndroid Build Coastguard Worker 
20*635a8641SAndroid Build Coastguard Worker // Generates a new RSA keypair of size |num_bits| in |slot|. Returns true on
21*635a8641SAndroid Build Coastguard Worker // success and false on failure. If |permanent| is true, the resulting key is
22*635a8641SAndroid Build Coastguard Worker // permanent and is not exportable in plaintext form.
23*635a8641SAndroid Build Coastguard Worker CRYPTO_EXPORT bool GenerateRSAKeyPairNSS(
24*635a8641SAndroid Build Coastguard Worker     PK11SlotInfo* slot,
25*635a8641SAndroid Build Coastguard Worker     uint16_t num_bits,
26*635a8641SAndroid Build Coastguard Worker     bool permanent,
27*635a8641SAndroid Build Coastguard Worker     ScopedSECKEYPublicKey* out_public_key,
28*635a8641SAndroid Build Coastguard Worker     ScopedSECKEYPrivateKey* out_private_key);
29*635a8641SAndroid Build Coastguard Worker 
30*635a8641SAndroid Build Coastguard Worker // Imports a private key from |input| into |slot|. |input| is interpreted as a
31*635a8641SAndroid Build Coastguard Worker // DER-encoded PrivateKeyInfo block from PKCS #8. Returns nullptr on error. If
32*635a8641SAndroid Build Coastguard Worker // |permanent| is true, the resulting key is permanent and is not exportable in
33*635a8641SAndroid Build Coastguard Worker // plaintext form.
34*635a8641SAndroid Build Coastguard Worker CRYPTO_EXPORT ScopedSECKEYPrivateKey
35*635a8641SAndroid Build Coastguard Worker ImportNSSKeyFromPrivateKeyInfo(PK11SlotInfo* slot,
36*635a8641SAndroid Build Coastguard Worker                                const std::vector<uint8_t>& input,
37*635a8641SAndroid Build Coastguard Worker                                bool permanent);
38*635a8641SAndroid Build Coastguard Worker 
39*635a8641SAndroid Build Coastguard Worker // Decodes |input| as a DER-encoded X.509 SubjectPublicKeyInfo and searches for
40*635a8641SAndroid Build Coastguard Worker // the private key half in the key database. Returns the private key on success
41*635a8641SAndroid Build Coastguard Worker // or nullptr on error.
42*635a8641SAndroid Build Coastguard Worker CRYPTO_EXPORT ScopedSECKEYPrivateKey
43*635a8641SAndroid Build Coastguard Worker FindNSSKeyFromPublicKeyInfo(const std::vector<uint8_t>& input);
44*635a8641SAndroid Build Coastguard Worker 
45*635a8641SAndroid Build Coastguard Worker // Decodes |input| as a DER-encoded X.509 SubjectPublicKeyInfo and searches for
46*635a8641SAndroid Build Coastguard Worker // the private key half in the slot specified by |slot|. Returns the private key
47*635a8641SAndroid Build Coastguard Worker // on success or nullptr on error.
48*635a8641SAndroid Build Coastguard Worker CRYPTO_EXPORT ScopedSECKEYPrivateKey
49*635a8641SAndroid Build Coastguard Worker FindNSSKeyFromPublicKeyInfoInSlot(const std::vector<uint8_t>& input,
50*635a8641SAndroid Build Coastguard Worker                                   PK11SlotInfo* slot);
51*635a8641SAndroid Build Coastguard Worker 
52*635a8641SAndroid Build Coastguard Worker }  // namespace crypto
53*635a8641SAndroid Build Coastguard Worker 
54*635a8641SAndroid Build Coastguard Worker #endif  // CRYPTO_NSS_KEY_UTIL_H_
55